The Year of Threat

I am officially declaring 2017 the year of threat.

Doing my best to play the part of threat actor.( Defcon Tinfoil-Hat-Contest).

Following years of rhetoric about state-based attacks and who is at fault for what major system compromise the public seems to finally have come to grips with a few indisputable notes us security pros have been screaming at the tops of our lungs for a couple decades.

  1. There is (at least) a threat out there targeting every principal.
  2. The bad things threat actors cause mean more to the average person than the increasing the frequency of plastic rotation in a wallet.
  3. Things are obviously getting worse.

The public hasn’t grokked this one yet but:

Continue reading “The Year of Threat”

News Flash: World Wide Web is Wild Wild West … still

Okay, so this shouldn’t be news to anyone moderately concerned with the safety of their personal information or corporate resources, but this week reinforced a growing trend in information systems:

The web-browser is the largest attack vector on any platform.

This week saw one disclosure and two separate 0-day attacks which left nowhere to hide on the web.

Continue reading “News Flash: World Wide Web is Wild Wild West … still”